- web.groovymark@gmail.com
- December 4, 2024
Question 21
A security administrator implements a solution that requires users to verify their identity using both a password and a fingerprint. This is an example of which of the following?
A. Single sign-on
B. Two-factor authentication
C. Multi-factor authentication
D. Role-based access control
Correct Answer: C. Multi-factor authentication
Explanation: Multi-factor authentication (MFA) requires users to verify their identity using more than one type of credential, such as something they know (password) and something they are (fingerprint). Single sign-on and role-based access control work differently.
Question 22
Which of the following methods is used to prevent SQL injection attacks by controlling the data input into SQL queries?
A. Data encryption
B. Input validation
C. MAC filtering
D. VPN
Correct Answer: B. Input validation
Explanation: Input validation prevents SQL injection attacks by ensuring that only valid, expected data is used in SQL queries. Other methods, such as encryption and MAC filtering, serve different purposes.
Question 23
An attacker uses a compromised device to flood a network with traffic, disrupting its services. This is an example of which type of attack?
A. Brute-force attack
B. SQL injection
C. Denial of Service (DoS)
D. Phishing
Correct Answer: C. Denial of Service (DoS)
Explanation: A Denial of Service (DoS) attack floods a network or system with traffic, disrupting its normal operations. Brute-force attacks, SQL injection, and phishing involve different attack methods.
Question 24
Which of the following protocols is used to encrypt email communications and ensure confidentiality?
A. SSL
B. S/MIME
C. FTP
D. SNMP
Correct Answer: B. S/MIME
Explanation: S/MIME is a protocol used to encrypt email communications to ensure confidentiality. SSL, FTP, and SNMP serve different purposes in network security.
Question 25
Which of the following refers to the use of random data added to a password before hashing to enhance its security?
A. Salting
B. Encryption
C. Tokenization
D. Hashing
Correct Answer: A. Salting
Explanation: Salting adds random data to a password before hashing it, making it more secure against attacks such as brute-force attempts. Encryption, tokenization, and hashing have different functions.
Question 26
Which of the following refers to a type of malware that can replicate itself and spread across systems without any user interaction?
A. Worm
B. Virus
C. Trojan
D. Ransomware
Correct Answer: A. Worm
Explanation: A worm is a type of malware that can replicate and spread across systems without user interaction. Viruses, trojans, and ransomware require user action to propagate.
Question 27
An attacker sends unsolicited emails containing malicious links to multiple recipients. This is an example of which type of attack?
A. Denial of Service
B. Phishing
C. SQL injection
D. Brute-force
Correct Answer: B. Phishing
Explanation: Phishing involves sending unsolicited emails with malicious links to trick users into revealing sensitive information. The other options refer to different types of attacks
Question 28
Which of the following refers to a framework that standardizes security incident response and risk management practices?
A. Role-based access control
B. NIST Cybersecurity Framework
C. VPN
D. Tokenization
Correct Answer: B. NIST Cybersecurity Framework
Explanation: The NIST Cybersecurity Framework provides standardized guidelines for risk management and incident response. Other options do not provide a risk management framework.
Question 29
Which of the following attacks involves an attacker gaining access to a system by guessing or cracking passwords?
A. Brute-force attack
B. Phishing
C. Man-in-the-middle
D. Cross-site scripting
Correct Answer: A. Brute-force attack
Explanation: A brute-force attack involves guessing or cracking passwords to gain unauthorized access to a system. Other options describe different types of attacks.
Question 30
Which of the following is used to protect data while it is being transmitted over a network?
A. Encryption
B. Firewalls
C. Tokenization
D. VPN
Correct Answer: A. Encryption
Explanation: Encryption protects data in transit by converting it into unreadable code that can only be deciphered by authorized parties. Firewalls, tokenization, and VPNs offer different types of protection.
Question 31
Which of the following ensures that a message or document has not been altered since it was sent?
A. Confidentiality
B. Integrity
C. Availability
D. Authentication
Correct Answer: B. Integrity
Explanation: Integrity ensures that a message or document remains unchanged during transmission. Confidentiality protects against unauthorized access, availability ensures access to data when needed, and authentication verifies the identity of the sender.
Question 32
What type of attack involves the unauthorized redirection of internet traffic to malicious websites?
A. SQL injection
B. Man-in-the-middle
C. DNS poisoning
D. Cross-site scripting
Correct Answer: C. DNS poisoning
Explanation: DNS poisoning involves redirecting internet traffic from legitimate websites to malicious ones by corrupting DNS server information. SQL injection, man-in-the-middle, and cross-site scripting are different forms of attacks.
Question 33
Which of the following ensures that data is accessible only to authorized users?
A. Confidentiality
B. Integrity
C. Availability
D. Encryption
Correct Answer: A. Confidentiality
Explanation: Confidentiality ensures that sensitive data is accessible only to authorized individuals. Integrity ensures data accuracy, availability ensures timely access, and encryption is a method to achieve confidentiality and integrity.
Question 34
Which of the following is the best practice for securing sensitive data on portable devices such as USB drives?
A. MAC filtering
B. Data encryption
C. Tokenization
D. VPN
Correct Answer: B. Data encryption
Explanation: Data encryption ensures that sensitive information on portable devices, like USB drives, remains secure even if the device is lost or stolen. MAC filtering, tokenization, and VPNs serve different purposes.
Question 35
Which of the following methods involves distributing different encryption keys for each session to enhance security?
A. Perfect forward secrecy
B. Tokenization
C. Hashing
D. Salting
Correct Answer: A. Perfect forward secrecy
Explanation: Perfect forward secrecy ensures that each session uses a different encryption key, enhancing security. Tokenization, hashing, and salting are different security techniques.
Question 36
Which of the following is the primary purpose of implementing a firewall?
A. To authenticate users
B. To encrypt data
C. To control incoming and outgoing network traffic
D. To store encryption keys
Correct Answer: C. To control incoming and outgoing network traffic
Explanation: A firewall controls network traffic, monitoring and filtering it based on predefined security rules. It does not authenticate users, encrypt data, or store encryption keys.
Question 37
Which of the following protocols is used for secure file transfer over a network?
A. FTP
B. SFTP
C. HTTP
D. SMTP
Correct Answer: B. SFTP
Explanation: SFTP (Secure File Transfer Protocol) is used for secure file transfer over a network. FTP, HTTP, and SMTP are older or less secure options.
Question 38
What type of attack involves the unauthorized modification of an existing DNS record to redirect traffic to a malicious website?
A. Phishing
B. SQL injection
C. DNS spoofing
D. Cross-site scripting
Correct Answer: C. DNS spoofing
Explanation: DNS spoofing involves modifying DNS records to redirect traffic from legitimate websites to malicious ones. Phishing, SQL injection, and cross-site scripting use different attack methods.
Question 39
Which of the following security principles ensures that a user cannot deny having performed a specific action?
A. Integrity
B. Confidentiality
C. Non-repudiation
D. Availability
Correct Answer: C. Non-repudiation
Explanation: Non-repudiation ensures that a user cannot deny having performed a specific action, such as sending a message or signing a document. Integrity, confidentiality, and availability are different aspects of information security.
Question 40
Which of the following tools is used to capture and analyze network traffic?
A. Firewall
B. Packet sniffer
C. VPN
D. Antivirus software
Correct Answer: B. Packet sniffer
Explanation: A packet sniffer captures and analyzes network traffic for monitoring and troubleshooting purposes. Firewalls, VPNs, and antivirus software serve different functions.